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Description 

BACKGROUND OF THE INVENTION 
Field of the Invention 

[0001 ] The present invention relates to a data storage 
unit for recording data on a memory medium, such as a 
magneto-optical disk, and in particular to a data storage 
device which ensures the secrecy and the security of 
recorded data. 

Related Arts 

[0002] Generally, a data writable memory medium, 
such as a magneto-optical disk (MO), can be inserted 
into or removed from a data storage device (hereinafter 
simply referred to as a storage device) which reads and 
writes predetermined data from and to. When a memory 
medium is loaded into the storage device, operational 
control for the storage device is provided by commands 
issued by a superior apparatus, such as a personal com- 
puter connected to the storage device by a SCSI cable. 
[0003] Conventionally, by taking compatibility into ac- 
count, reading data from and writing data to a memory 
medium can also be performed by a storage device oth- 
er than the device which was originally employed for 
writing data. 

[0004] Fig. 28 is a flowchart for a data reading/writing 
process performed by a conventional storage device. 
After a memory medium is set to (for example, inserted 
into) the storage device at step S1 , at step S2 the me- 
dium is loaded. That is, the memory medium is posi- 
tioned at a predetermined location within the storage de- 
vice and is rotated at a controlled revolution rate. At step 
S3, predetermined data relevant to the memory medi- 
um, such as its configuration and its memory capacity, 
are read, and at step S4 the reading and writing of data 
is enabled by the employment of an operation or a proc- 
ess procedure based on data corresponding to that for 
the memory medium. 

[0005] Therefore, a problem has arisen in that once a 
memory medium has been acquired, secret data record- 
ed on the memory medium, such as the contents of a 
client database or design data, can easily be stolen or 
altered. 

[0006] EP-A-0 773 490 discloses a security system 
for protecting information stored in storage media com- 
prising terminals interfaced with data storage units, 
each terminal comprising a security controller; in con- 
trast, in the invention it is the data storage unit itself 
which comprises the security controller. This system re- 
quests an administrator in the branch office to determine 
an identifier of a specific terminal. This terminal ID is 
written into the authorized storage medium to give an 
exclusive read/write access privilege to the terminal. 



SUMMARY OF THE INVENTION 

[0007] It is, therefore, one objective of the present in- 
vention to provide a data storage device and a method 
5 that increases the secrecy and the security of data re- 
corded on a memory medium. 

[0008] These objects are achieved by the features of 
claims 1 and 7. 

[0009] When the first identifier recorded in the storage 
unit does not match the second identifier recorded on 
the memory medium, the controller inhibits access to the 
memory medium for the reading and writing of data. But 
when the first and the second identifiers match, the con- 
troller permits access to the memory medium for the 
reading and writing of data. 

[0010] As described above, since the storage device 
having an identifier which differs from the identifier re- 
corded on the memory medium inhibits access to the 
memory medium for the reading and writing of data, the 
secrecy of data recorded on the memory medium is en- 
sured. 

[001 1 ] Read address information to be used to control 
reading of data and/or write address information to be 
used to control writing of data are stored in a predeter- 
mined area on the memory medium. When the first iden- 
tifier matches the second identifier, the controller may 
permit or inhibit the reading and/or writing of data ac- 
cording to the read address information and/or the write 
address information respectively. 
[0012] The unique identifier and the second identifier 
are identifiers inherent to a data storage device or iden- 
tifiers inherent to a memory medium. For example, the 
identifier inherent to a data storage device or memory 
medium is a serial number of a data storage device or 
a memory medium. 

[001 3] Read address information to be used to control 
reading of data and/or write address information to be 
used to control writing of data are stored in a predeter- 
mined area on the memory medium. When the first iden- 
tifier matches the second identifier and the second ad- 
dress information is included in the first address infor- 
mation, the controller may permit or inhibit the reading 
and/or writing of data according to the read address in- 
formation and/or the write address information respec- 
tively. 

[001 4] In this structured data storage device, the con- 
troller records the second identifier, the read address 
information, the write address information, or the sec- 
ond address information in the predetermined area 
based on a predetermined setup command which is 
transmitted by a control device of a data storage device 
connected to the data storage device. 
[001 5] A predetermined setup command is, for exam- 
ple, a SCSI interface format command or a vender 
unique command. 

[0016] Further, it is preferable that the controller can 
initialize a predetermined area based on a predeter- 
mined release command, which is transmitted from the 
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control device of a data storage device connected to the 
data storage device. 

[0017] Other features and advantages of the present 
invention will become readily apparent from the follow- 
ing description when taken in conjunction with the ac- 
companying drawings. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0018] The accompanying drawings, which are incor- 
porated in and constitute a part of the specification, il- 
lustrate presently preferred embodiments of the inven- 
tion, and together with the general description given 
above and the detailed description of the preferred em- 
bodiments given below, serve to explain the principle of 
the invention, in which: 

Fig. 1 is a block diagram illustrating a data storage 
device according to embodiments of the present in- 
vention; 

Fig. 2 is a diagram showing an example layout for 
a format for a magneto-optical disk; 
Fig. 3 is a diagram showing the structure of a CDB 
for a security setup command that employs a ven- 
dor unique command; 

Fig. 4 is a diagram showing the structure of a CDB 
for a format command the security level of which is 
designated; 

Fig. 5 is a flowchart for security process performed 
according to a first embodiment of the present in- 
vention; 

Figs. 6A and 6B are diagrams depicting the struc- 
tures of a parameter header and a level descriptor; 
Figs. 7A and 7B are diagrams in each of which is 
shown the structure of a parameter field for a level 
descriptor; 

Fig. 8 is a flowchart for the security process per- 
formed according to a second embodiment of the 
present invention; 

Fig. 9 is a flowchart for the security process per- 
formed according to a third embodiment of the 
present invention; 

Fig. 1 0 is a flowchart for the security process per- 
formed according to a fourth embodiment of the 
present invention; 

Fig. 11 is a flowchart for the security process per- 
formed according to a fifth embodiment of the 
present invention; 

Fig. 12 is a flowchart for the security process per- 
formed according to a sixth embodiment of the 
present invention; 

Fig. 13 is a flowchart for the security process per- 
formed according to a seventh embodiment of the 
present invention; 

Fig. 14 is a flowchart for the security release proc- 
ess; 

Fig. 15 is a flowchart for the memory medium load- 
ing process performed when security information is. 



encoded; 

Fig. 1 6 is a flowchart for the memory medium load- 
ing process performed when security information is 
encoded and a password is set; 
5 Fig. 17 is a flowchart for recording process of the 

medium identifier to the storage device; 
Fig . 1 8 is a flowchart for security process performed 
according to an eighth embodiment of the present 
invention; 

Fig. 19 is a flowchart for the security process per- 
formed according to a ninth embodiment of the 
present invention; 

Fig. 20 is a flowchart for the security process per- 
formed according to a tenth embodiment of the 
present invention; 

Fig. 21 is a flowchart for the security process per- 
formed according to an eleventh embodiment of the 
present invention; 

Fig. 22 is a flowchart for the security process per- 
formed according to a twelfth embodiment of the 
present invention; 

Fig. 23 is a flowchart for the security process per- 
formed according to a thirteenth embodiment of the 
present invention; 

Fig. 24 is a flowchart for the security process per- 
formed according to a fourteenth embodiment of the 
present invention; 

Fig. 25 is a flowchart for the security release proc- 
ess in the another embodiments; 
Fig. 26 is a flowchart for the memory medium load- 
ing process performed when security information is 
encoded in the another embodiment; 
Fig. 27 is a flowchart for the memory medium load- 
ing process performed when security information is 
encoded and a password is set in the another em- 
bodiment; and 

Fig. 28 is a flowchart showing the conventional 
process performed when accessing a memory me- 
dium in the another embodiment. 

DETAILED DESCRIPTION OF THE PREFERRED 
EMBODIMENTS 

[0019] The preferred embodiments of the present in- 
vention will now be described while referring to the ac- 
companying drawings. However, the technical scope of 
the present invention is not limited to these embodi- 
ments. The same reference numerals or device identi- 
fiers are used to denote corresponding or identical com- 
ponents in the drawings. 

[0020] In the embodiment of the present invention, a 
magneto-optical disk (MO) is employed as a memory 
medium (hereinafter referred to as a medium) for re- 
cording data, but the medium that can be employed is 
not thereby limited, and another exchangeable memory 
disk, such as a magnetic disk, a floppy disk, an optical 
disk or a phase change optical disk may be employed. 
[0021] Fig. 1 is a schematic block diagram illustrating 
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a magneto-optical disk device according to the present 
invention. In Fig. 1, a magneto-optical disk device 1 is 
connected via a SCSI interface to a personal computer 
2, which is a superior apparatus. 

[0022] The magneto-optical disk device 2 comprises 
a mechanism controller 10, for performing writing data 
to and reading data from a magneto-optical disk, and a 
control unit which includes a magneto-optical disk con- 
troller (ODC) which employs firmware to implement a 
method according to the present invention. 
[0023] The control unit further includes an MPU 12, 
which controls the entire magneto-optical disk device 1 ; 
a D-RAM 13, which is a read/write buffer memory; a 
DSP 14, for performing positioning; a write data ampli- 
fier 14; a read data amplifier 1 6; an AGC amplifier 1 7; a 
head drive power amplifier 1 8; and a disk rotation motor 
controller 19. 

[0024] The mechanism controller 10 includes a head 
sensor 1 00, a data reading/writing laser diode 101, and 
a detector 102 for detecting the inclination of a head. 
Further, the mechanism controller 10 includes a focus 
actuator 1 03, which is controlled by the head drive pow- 
er amplifier 1 8; a track actuator 1 04; a disk ejection mo- 
tor 1 05; a head drive voice coil motor 1 06; and a spindle 
motor 107, which is controlled by the motor controller 
19 for rotating a disk. 

[0025] When an operator enters an instruction at a 
keyboard 3 of the personal computer 2, a SCSI com- 
mand is transmitted by the computer 2 to the magneto- 
optical disk controller (ODC) 1 1 to initiate the writing/ 
reading of data. Connected to the computer 2 is a dis- 
play 4 on which data are displayed. 
[0026] The magneto-optical disk controller (ODC) 1 1 , 
which is provided with flash ROM for the storage of 
firmware, has an analysis function for analyzing SCSI 
commands received from the computer 2, and a coor- 
dination function for interacting with the MPU 12, in re- 
sponse to a SCSI command, to provide data writing/ 
reading control of the mechanism controller 1 0. 
[0027] The present invention can be applied not only 
for a SCSI command system but also for another com- 
mand system, such as an ATA/ATA Pl/S AS I command 
system. 

[0028] Fig. 2 is a diagram showing an example layout 
of a disk format for a magneto-optical disk (MO), i.e., 
the arrangement of areas on a medium as specified by 
the ISO standards established for 3.5 inch magneto-op- 
tical disk cartridges. As is shown in Fig. 2, in a range 
expending from a radius of 23.72 mm from the center of 
the MO disk to a radius of 41 .00 mm is a data area in 
which user data can be recorded. The inside and the 
outside areas in the radial direction are medium. infor- 
mation management areas in which are stored various 
medium information, such as the type and the structure 
of a medium. 

[0029] In the preferred embodiments of the present 
invention, an additional security area is provided in the 
medium information management area, and recorded 



as security information in the security area is a device 
identifier inherent to a magneto-optical disk device 
(hereinafter referred to as a storage device), such as a 
serial number. Or alternately, areas for manufacturers 
5 in an inner test zone and an outer test zone or a buffer 
zone in Fig. 2 may be employed as security areas. 
[0030] When a magneto-optical disk in which the de- 
vice identifier is recorded is inserted into a specific stor- 
age device, data reading/writing control is provided in 
accordance with the relationship between the device 
identifier of the storage device and the device identifier 
recorded in the medium. For example, only when the 
two identifiers match, the reading/writing of data is per- 
mitted. In other words, since a storage device whose 
device identifier differs from that recorded in a medium 
inhibits the reading/writing of data from/to the medium, 
the secrecy of data can be maintained. 
[0031 ] The writing in a medium of the device identifier 
is performed by the magneto-optical disk controller 
(ODC) 11 of a storage device in accordance with a se- 
curity setup command received from a superior appara- 
tus. Fig. 3 is a diagram showing an example CDB (Com- 
mand Descriptor Block) for a security setup command 
which is transmitted from the personal computer 2 to the 
storage device 1 . The security setup command in Fig. 
3 is prepared by using a vender unique command for 
the SCSI interface. As is described above, the security 
setup data, according to which medium access is per- 
mitted only when the device identifier recorded in a me- 
dium matches the device identifier of a storage device, 
are set to the security level of the security setup com- 
mand. 

[0032] The security level may be designated in ac- 
cordance with a normal format command, instead of the 
security setup command being set by using the vender 
unique command. Fig. 4 is a diagram showing an exam- 
ple CDB for a format command for which the security 
level is set by using the SCSI command. 
[0033] When the magneto- optical disk controller 
(ODC) 11 of the storage device 1 receives a security 
setup command or a format command, the security level 
of which has been set, the disk controller 11 writes 
(records) the device identifier of the storage device in a 
pre-designated security area on the loaded medium. As 
a result, the security information is recorded in the me- 
dium. The device identifier of the storage device is 
stored in the flash ROM provided for the magneto-opti- 
cal disk controller (ODC) 11. 

[0034] Fig. 5 is a flowchart for the security process, 
performed by the above described storage device 1 , ac- 
cording co a first embodiment of the present invention. 
The security process, which will be explained below, is 
performed by the magneto-optical disk controller (ODC) 
1 1 of the storage device 1 . 

[0035] In Fig. 5, when a medium is set to (for example, 
inserted into) the storage device 1 at step S1 01 , the me- 
dium is loaded at step S1 02. That is, the medium is po- 
sitioned at a predetermined location within the storage 
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device 1 , and is rotated at a specific rotation rate. At step 
S103, data in the medium information management ar- 
ea on the medium are read, and at step S104, the se- 
curity information (device identifier) recorded in the se- 
curity area are read. 

[0036] At step S1 05, a check is performed to deter- 
mine whether the security area is in the initial state. 
When the security area is in the initial state, i.e., when 
no device identifier has been recorded in the security 
area, the process then advances to step S108, whereat 
the reading of data from the medium and the writing of 
data to it are permitted. It is assumed that the security 
level has not yet been set. 

[0037] If, at step S1 05, the device identifier has been 
recorded in the security area, i.e., if the security level 
has been set, at step S1 06, the device identifier record- 
ed on the medium is compared with the device identifier 
of the storage device 1 in which the medium is currently 
loaded in order to determine whether the two device 
identifiers match. 

[0038] When the two device identifiers match, the 
process then advances to step S108, whereat the se- 
curity is released and the reading of data from the me- 
dium and the writing of data to it are permitted. 
[0039] When at step S1 06, the two device identifiers 
do not match, the security is not released and the read- 
ing/writing of data is inhibited (step S107). 
[0040] As described above, in this embodiment, the 
security area in which the device identifier of a storage 
device is recorded is provided for the medium informa- 
tion management area. When the medium is loaded into 
the storage device and when the device identifier of the 
storage device does not match the device identifier re- 
corded in the medium, the reading and writing of data is 
inhibited. Thus, even though the medium has been sto- 
len, the secrecy of the data recorded in the medium can 
be maintained. 

[0041] To enhance the security, it is preferable that a 
further security function is prepared in addition to the 
above security information. 

[0042] Thus, read address information and write ad- 
dress information are recorded in the parameter head 
of a parameter, which is designated by the security set- 
up command (Fig. 3) orthe format command (Fig. 4) for 
which the security level has been set. Figs. 6A and 6B 
are diagrams showing an example structure for a pa- 
rameter designated by the above command. The pa- 
rameter is constituted by a parameter head shown in 
Fig. 6 A and a level descriptor shown in Fig. 6 B. The read 
and write address information is recorded in the param- 
eter head in Fig. 6 A. The level descriptor in Fig. 6B con- 
sists of a header of two bytes and a succeeding param- 
eter field. The parameter field is divided into units called 
pages, for individual function attributes. 
[0043] If, for example, the read address information 
has been designated, che reading of data is inhibited 
even when the device identifiers match. If the read ad- 
dress information has not been set, the reading of data 



is permitted. 

[0044] If the write address information has been des- 
ignated, the writing of data can be inhibited even when 
the device identifiers match. If the write address infor- 
5 mation has not been set, the writing of data is permitted. 
The read address information and the write address in- 
formation are recorded in the security area at the same 
time when the device identifier of the storage device is 
recorded in the security area. 
10 [0045] When the read address information or the write 
address information has been set, the reading or writing 
of data is inhibited, which is inconvenient. Therefore, 
preferably, if the read address information or the write 
address information has been set, a predetermined 
is password is also set, so that when a password is input, 
the reading or writing of data can be enabled even 
though the address information has been set. In addi- 
tion, when a predetermined password has been set, re- 
gardless of whether the read or write address informa- 
tion has been set, and when reading and writing are per- 
mitted if the both of the device identifiers and the pass- 
words match, a double level of security can be estab- 
lished and the secrecy of data can be enhanced. 
[0046] The password is recorded in the level descrip- 
tor in the parameter. Fig. 7A is a diagram showing a 
page for a password in the parameter field (see Fig. 6B) 
of the level descriptor. When the security is set up, the 
password is recorded to the security area of the medium 
together with the address information. Fig. 7B is a dia- 
gram showing pages, in the parameter field of the level 
descriptor, designated for a logical block address (LBA), 
which will be described later. 

[0047] Fig. 8 is a flowchart for the security process 
performed according to a second embodiment of the 
present invention. In the second embodiment, the read 
address information is recorded in the above described 
parameter head. Since steps S201 to S205 in Fig. 8 cor- 
respond to steps S1 01 to S1 05 in Fig. 5, no explanation 
for them will be given. 

[0048] When, at step S205, the security area is in the 
initial state, it is assumed that the security information 
has not yet been set, and the process advances to step 
S21 1 , whereat the reading of data from the medium and 
writing of data to the medium are permitted. If, at step 

5205, the security information has been set, at step 

5206, the device identifier recorded on the medium is 
compared with the device identifier of a storage device 
into which the medium has currently been loaded to de- 
termine whether the two device identifiers match. When 
the device identifiers do not match, the security is not 
released, and the reading and writing of data are inhib- 
ited (step S207). 

[0049] When the two device identifiers match, the 
process advances to step S208, whereat a check is per- 
formed to determine whether reading in accordance 
with the read address information is permitted. When 
read address information has not been set, the process 
advances. to step S209, whereat the reading of data is 
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enabled but the writing of data is inhibited. That is, even 
though data stored on the medium can be read and the 
contents can be examined, the writing of data, such as 
the altering of data, is not enabled. When the read ad- 
dress information has been set, the process advances 
to step S210, whereat both the reading and the writing 
of data are inhibited. 

[0050] Fig. 9 is a flowchart showing the security proc- 
ess performed according to a third embodiment of the 
present invention. In this embodiment, the write address 
information is set in the parameter header. Since steps 
S301 to S305in Fig. 9 correspond to steps S1 01 to S 105 
in Fig. 5, no explanation for them will be given. 
[0051] When, at step S305, the security area is in the 
initial state, it is assumed that the security information 
has not yet been set and the process advances to step 
S311 , whereat the reading of data from the medium and 
the writing of data to the medium are permitted. If, at 
step S305, the security information has been set, at step 
S306, the device identifier recorded on the medium is 
compared with the device identifier of the storage device 
into which the medium has currently been loaded to de- 
termine whether the two device identifiers match. When 
the device identifiers do not match, the security are not 
released, and the reading and the writing of data are 
inhibited (step S307). 

[0052] When the two device identifiers match, the 
process advances to step S308, whereat a check is per- 
formed to determine whether writing in accordance with 
the write address information is permitted. When the 
write address information has not been set, the process 
advances to step S309, whereat the writing of data is 
permitted but the reading of data is inhibited. That is, 
even though new data can be created, the data stored 
on the medium can not be read. When the write address 
information has been set, the process advances to step 
S310, whereat both the reading and the writing of data 
are inhibited. 

[0053] Fig. 10 is a flowchart showing the security 
process performed according to a fourth embodiment of 
the present invention. In this embodiment, both the read 
address information and the write address information 
are set in the parameter header. Since steps S401 to 
S405 in Fig. 10 correspond to steps S101 to S105 in 
Fig. 5, no explanation for them will be given. 
[0054] When, at step S405, the security area is in the 
initial state, it is assumed that the security information 
has not yet been set, and the process advances to step 
S41 5, whereat the reading of data from the medium and 
writing of data to the medium are permitted. If, at step 

5405, the security information has been set, at step 

5406, the device identifier recorded on the medium is 
compared with the device identifier of the storage device 
into which the medium has currently been loaded to de- 
termine whether the two device identifiers match. When 
the device identifiers do not match, the security is not 
released, and the reading and the writing of data are 
inhibited (step S407). 



[0055] When the two device identifiers match, the 
process advances to step S408, whereat a check is per- 
formed to determine whether reading in accordance 
with the read address information is permitted. When 
5 the read address information has been set, the process 
advances to step S409, whereat a check is performed 
to determine whether writing in accordance with the 
write address information is permitted. When the write 
address information has been set, at step S41 0 both the 
10 reading and the writing of data are enabled. If, at step 
S409, the write address information has not been set, 
at step S41 1 , the reading of data is enabled and the writ- 
ing of data is inhibited. 

[0056] If, at step S408, the read address information 
has not been set, the process advances to step S412, 
whereat, as well as at step S409, a check is performed 
to determine whether writing in accordance with the 
write address information is permitted. When the write 
address information has been set, at step S41 3, the writ- 
ing of data is permitted but the reading of data is inhib- 
ited. If, at step S412, the write address information has 
not been set, at step S414, both the reading and the 
writing of data are inhibited. 

[0057] In above described embodiments, the security 
is set to all data stored in the medium is read. But it is 
preferable to set the security to a part of the data, be- 
cause a part of the data needs to be set the security. 
[0058] Therefore, when the security information is re- 
corded to the medium, a logical block address (LBA) for 
data for which the security is to be set is designated to 
the level descriptor for the parameter in Fig. 6. More spe- 
cifically, an LBA designation page to designate data for 
which the security is to be set is provided for the param- 
eter field in the level descriptor (see Fig. 7B). As is 
shown in Fig. 7B, a single data LBA (security LBA) for 
setting the security is designated which has, for exam- 
ple, a length of three bytes. The data for the security 
LBA are recorded in the security area at the same time 
as the device identifier of the storage device is recorded 
in the security area. 

[0059] Fig. 1 1 is a flowchart for the security process 
performed according to a fifth embodiment of the 
present invention. In the fifth embodiment, as well as in 
the second embodiment, the security LBA is set when 
the read address information is set. Since steps S501 
to S505 in Fig. 11 correspond to steps S101 to S105 in 
Fig. 5, no explanation for them will be given. 
[0060] When, at step S505, the security area is in the 
initial state, it is assumed that the security information 
has not yet been set and the process advances to step 
S51 6, whereat the reading of data from the medium and 
the writing of data to the medium are permitted. If, at 
step S505, the security information has been set, at step 
S506, the device identifier recorded on the medium is 
compared with the device identifier of the storage device 
into which the medium has currently been loaded to de- 
termine whether the two device identifiers match. When 
the device identifiers do not match, at step S507, a 
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check is performed to determine whether a security LBA 
has been designated in the security area. When a se- 
curity LBA has not been designated, the reading and the 
writing of data are inhibited (step S508). 
[0061] If, at step S507, a security LBA has been des- 
ignated, at step S509, a check is performed to determine 
whether the LBA for the data that are being accessed 
has been included in the secu rity LBA. If the LBA for the 
data has been included in the security LBA, the process 
advances to step S51 0, whereat the reading of data and 
the writing of data are inhibited. 

[0062] If the LBA for the data has not been included, 
the process advances to step S51 1 , whereat the reading 
of data and the writing of data are permitted. 
[0063] When, at step S506, the two device identifiers 
match, at step S512, a check is performed to determine 
whether the LBA for the data that are being accessed 
has been included in the security LBA. If the LBA for the 
data has been included in the security LBA, the process 
advances to step S513, whereat a check is performed 
to determine whether reading in accordance with read 
address information is enabled. 

[0064] When the read address information has been 
set, the process advances to step S514, whereat the 
reading of data is permitted but the writing of data is in- 
hibited. That is, though data stored on the medium can 
be read and the contents can be examined, the writing 
of data, such as the altering of data, is not enabled. 
When the read address information has not been set, 
the process advances to step S515, whereat both the 
reading and the writing of data are inhibited. 
[0065] If, at step S512, the LBA for the data that are 
being accessed has not been included in the security 
LBA, the process advances to step S516, whereat the 
reading of data and the writing of data are permitted. 
[0066] Fig. 12 is a flowchart for the security process 
performed according to a sixth embodiment of the 
present invention. In the sixth embodiment, as well as 
in the third embodiment, the security LBA is set when 
the write address information is set. Since steps S601 
to S605 in Fig. 12 correspond to steps S101 to S105 in 
Fig. 5, no explanation for them will be given. 
[0067] When, at step S605, the security area is in the 
initial state, it is assumed that the security information 
has not yet been set and the process advances to step 
S61 6, whereat the reading of data from the medium and 
the writing of data to the medium are permitted. If, at 
step S605, the security information has been set, at step 
S606, the device identifier recorded on the medium is 
compared with the device identifier of the storage de- 
vice, into which the medium has currently been loaded 
to determine whether the two device identifiers match. 
When the device identifiers do not match, at step S607, 
a check is performed to determine whether the security 
LBA has been designated in the security area. When 
the security LBA has not been designated, the reading 
and the writing of data are inhibited (step S608). 
[0068] If, at step S607, the security LBA has been 



designated, at step S609, a check is performed to de- 
termine whether the LBA for the data that are being ac- 
cessed has been included in the security LBA. If the LBA 
for the data has been included in the security LBA, the 

5 process advances to step S61 0, whereat the reading of 
data and the writing of data are inhibited. 
[0069] If the LBA for the data has not been included, 
the process advances to step S611 , whereat the reading 
of data and the writing of data are permitted. 

10 [0070] When, at step S606, the two device identifiers 
match, at step S612, a check is performed to determine 
whether the LBA for the data that are being accessed 
has been included in the security LBA. If the LBA for the 
data has been included in the security LBA, the process 

15 advances to step S61 3, whereat a check is performed 
to determine whether writing in accordance with the 
write address information is enabled. 
[0071] When the write address information has been 
set, the process advances to step S61 4, whereat writing 

20 of data is permitted but the reading of data is inhibited. 
That is, though the creation of new data is permitted, the 
reading of data from the medium is inhibited. When the 
write address information has not been set, the process 
advances to step S615, whereat both the reading and 

25 the writing of data are inhibited. 

[0072] If, at step S612, the LBA for the data that are 
being accessed has not been included in the security 
LBA, the process advances to step S616, whereat the 
reading of data and the writing of data are permitted. 

30 [0073] Fig. 1 3 is a flowchart for the security process 
performed according to a seventh embodiment of the 
present invention. In the seventh embodiment, as well 
as in the third embodiment, the security LBA is set when 
the read address information and the write address in- 

35 formation are set. Since steps S701 to S705 in Fig. 13 
correspond to steps S101 to S105 in Fig. 5, no expla- 
nation for them will be given. 

[0074] When, at step S705, the security area is in the 
initial state, it is assumed that the security information 
40 has not yet been set and the process advances to step 
S720, whereat the reading of data from a medium and 
the writing of data to the medium are permitted. If, at 
step S705, the security information has been set, at step 

5706, the device identifier recorded on the medium is 
45 compared with the device identifier of the storage device 

into which the medium has currently been loaded in or- 
der to determine whether the two device identifiers 
match. When the device identifiers do not match, at step 

5707, a check is performed to determine whether the 
50 security LBA has been designated in the security area. 

When the security LBA has not been designated, the 
reading and the writing of data are inhibited (step S708). 
[0075] If, at step S707, the security LBA has been 
designated, at step S709, a check is performed to de- 
55 termine whether the LBA for the data that are being ac- 
cessed has been included in the security LBA. If the LBA 
for the data has been included in the security LBA, the 
process advances to step S71 0, whereat the reacting of 
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data and the writing of data are inhibited. 
[0076] If the LB A for the data has not been included, 
the process advances to step S71 1 ; whereat the reading 
of data and the writing of data are permitted. 
[0077] When, at step S706, the two device identifiers 
match, at step S712, a check is performed to determine 
whether the LBA for the data that are being accessed 
has been included in the security LBA. If the LBA for the 
data has been included in the security LBA, the process 
advances to step S713, whereat a check is performed 
to determine whether reading in accordance with the 
read address information is enabled. When the read ad- 
dress information has been set, the process advances 
to step S71 4, whereat a check is performed to determine 
whether writing in accordance with the write address in- 
formation is enabled. When the write address informa- 
tion has been set, the process advances to step S715, 
whereat both the reading and the writing of data are per- 
mitted. When, at step S715, the write address informa- 
tion has not been set, at step S716 the reading of data 
is permitted but the writing of data is inhibited. 
[0078] If, at step S713, the read address information 
has been set, the process advances to step S717, 
whereat a check is performed to determine whether writ- 
ing in accordance with the write address information is 
enabled. When the write address information has been 
set, at step S71 8, the writing of data is permitted but the 
reading of data is inhibited. When, at step S717, the 
write address information has been not set, at step 
S71 9, both the reading and the writing of data are inhib- 
ited. If, at step S712, the LBA for the data that are being 
accessed has not been included in the security LBA, the 
process advances to step S720, whereat the reading of 
data and the writing of data are permitted. 
[0079] Fig. 14 is a flowchart for the security release 
process performed to release the security setup state in 
which the above described various security processes 
are performed. 

[0080] First, at step S801 a security release command 
is transmitted from the computers to the storage device 
1 . As well as the security setup command transmitted, 
the security release command is constituted by using 
the vender unique command at a SCSI interface. 
[0081] At step S802, the address information in the 
security area are read, and at step S803 a check is per- 
formed to determine whether there are security informa- 
tion in the security area. When security information has 
been recorded in the security area, the process advanc- 
es to step S804, whereat the device identifier included 
in the security area is compared with the device identifier 
of the storage device into which the medium has been 
loaded. When the two device identifiers match, a prede- 
termined initial value is recorded in the security area to 
return the area to the initial state (to initialize tne area) 
(step S805). 

[0082] When the device identifiers do not match, or 
when no security information is recorded in the security 
area, the security release process is not performed. 



[0083] Although not shown in the above flowchart, 
when the security information include a password, a 
step of inputting the password is provided, and only 
when the password included in the security information 
5 matches the password which was entered the release 
of security may be performed. 

[0084] In the above described embodiments of the 
present invention, the security information (a device 
identifier, an address information, a password, etc.) to 
10 be recorded in the security area may be encoded to en- 
hance the secrecy. In this case, specific information for 
encoding is added to the security setup command, and 
the security information that are encoded in accordance 
with the information for encoding is recorded in the se- 
15 curity area. 

[0085] Fig. 15 is a flowchart for the medium loading 
process performed when the security information is en- 
coded. In Fig. 15, when the medium is inserted into a 
storage device at step S901 , at step S902, the loading 
of the medium is initiated. At step S903, medium man- 
agement information is read, and at step S904, a check 
is performed to determine whether there is security in- 
formation included in the medium information. 
[0086] When, at step S904, it is determined that no 
security information is included, the process advances 
to step S909, whereat the reading and the writing of data 
the medium are enabled. 

[0087] If, at step S904, it is determined that the secu- 
rity information is included, at step S905 a check is per- 
formed to determine whether the security information is 
encoded. When the security information is encoded, at 
step S906, the security information is decoded. 
[0088] At step S907, the device identifier included in 
the security information is compared with the device 
identifier of the storage device into which the medium 
has currently been loaded to determine whether the two 
device identifiers match. When the device identifiers 
match, security is released and the process advances 
to step S909, whereat the reading and the writing of data 
to the medium are enabled. 

[0089] If, at step S907, the device identifiers do not 
match, the security is not released, and the reading data 
from and writing of data to the medium are inhibited 
(step S908). 

[0090] Fig. 16 is a flowchart for the medium loading 
process performed when the security information in Fig. 
15 includes a password. In Fig. 16, step S910 is added 
to the flowchart in Fig. 1 5. Specifically, when the security 
information is decoded at step S906, a password which 
is input is compared with a password included in the se- 
curity information. When the two passwords do not 
match, the security is not released, and the reading and 
the writing of data to the medium are inhibited (step 
S908). 

[0091] When the passwords match, the process ad- 
vances to step S907, whereat comparison of the device 
identifiers is performed as described above. 
[0092] For this process, the performance of steps 
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S907 and S910, i.e., the comparison of passwords and 
the comparison of device identifiers, may be inverted. 
The execution sequence for the password comparison 
step and the device identifier comparison step can be 
arbitrarily set by the user, the maker or the retailer of a 
storage device, and such a setup can also be arbitrarily 
changed. 

[0093] The encoding of the security information is per- 
formed by using, for example, a DES algorithm or a sim- 
ple bit rearrangement process. The security information 
may be converted, for example, into ASCII, JIS, EDICI- 
BIC or ECU code before being recorded in the security 
area. 

[0094] In the above described embodiments of the 
present invention, the reading or the writing of data is 
permitted when device identifiers match. However, 
when the device identifiers do not match, either the 
reading or the writing of data may be permitted. 
[0095] Further, another preferred embodiments of the 
present invention will now be described. 
[0096] In the another preferred embodiments of the 
present invention, an additional security area is provid- 
ed in the medium information management area, and 
the security area has a medium identifier inherent to a 
medium, such as a serial number of the medium. And 
the medium identifier in the security area is recorded in 
the storage device. 

[0097] When the medium in which the medium iden- 
tifier is recorded is inserted into a storage device, data 
reading/writing control is provided in accordance with 
the relationship between the medium identifier recorded 
in the storage device and the medium identifier of the 
medium. For example, only when the two identifiers 
match, the reading/writing of data is permitted. In other 
words, since a storage device whose medium identifier 
differs from that of the inserted medium inhibits the read- 
ing/writing of data from/to the medium, the secrecy of 
data can be maintained. 

[0098] The writing in the storage device of the medium 
identifier is performed by the magneto-optical disk con- 
troller (ODC) 11 of a storage device in accordance with 
a security setup command received from a superior ap- 
paratus. 

[0099] Fig. 1 7 is a flowchart for recording process of 
the medium identifier to the storage device. In Fig. 17, 
when the storage device receives a security setup com- 
mand at step S1011 , a check is performed to determine 
whether the medium identifier is already recorded in the 
storage device at step S1 01 2. Then, if already recorded, 
recorded medium identifier is compared with the medi- 
um identifier of the inserted medium at step 1013. In 
case that the two identifiers do not match, 
the process completed abnormally (step S1019). 
[0100] If not recorded yet at step S1 01 2, the medium 
identifier of the inserted medium is read by ODC 1 1 (step 
S1014), and the read medium identifier is recorded in a 
memory area in the ODC 1 1 (step S1 01 5). As described 
after, in case that security is set to a part of the data 



stored in the medium, an address information of the part 
of the data is recorded in the security area of the medium 
at step S1 01 6. A mode of the storage device is changed 
to a mode designated by security setup command at 
5 step S 1 0 1 7 and the process is completed normally (step 
S1018). 

[0101] Fig. 18 is a flowchart for the security process 
performed by the storage device 1, according to an 
eighth embodiment of the present invention. The secu- 
10 rity process, which will be explained below, is performed 
by the magneto-optical disk controller (ODC) 11 of the 
storage device 1 . 

[0102] In Fig. 18, Since steps S1101 to S1105 corre- 
spond to steps S101 to S105 in Fig. 5, no explanation 

15 for them will be given. 

[01 03] At step S1 1 05, a check is performed to deter- 
mine whether the security area is in the initial state. If, 
at step S1 1 05, the medium identifier has been recorded 
in the security area, i.e., if the security level has been 

20 set, at step S1 1 06, the medium identifier recorded in the 
storage device is compared with the medium identifier 
of the inserted medium in order to determine whether 
the two medium identifiers match. 
[0104] When the two medium identifiers match, the 

25 process then advances to step S1 1 08 and the security 
is released i.e. the reading/writing of the data from/to 
the medium is permitted (step S1108). 
[0105] When at step S11 06, the two medium identifi- 
ers do not match, the security is not released and che 

30 reading/writing of data is inhibited (step S1107). 

[0106] As described above, in this embodiment, the 
security area in which the medium identifier of the me- 
dium provided in the security area is recorded in.the stor- 
age device. When the medium is loaded into the storage 

35 device and when the medium identifier of the inserted 
medium does not match the medium identifier recorded 
in the storage device, the reading and writing of data is 
inhibited. Thus, even though the medium has been sto- 
len, the secrecy of the data recorded in the medium can 

40 be maintained. 

[0107] Fig. 1 9 is a flowchart for the security process 
performed according to a ninth embodiment of the 
present Invention. In the ninth embodiment, the read ad- 
dress information is recorded in the above described pa- 

45 rameter head. Since steps S1201 to S1205 in Fig. 19 
correspond to steps S201 to S205 in Fig. 8, no expla- 
nation for them will be given. 

[0108] If, at step S1205, the security information has 
been set, at step S1 206, the medium identifier read from 

so the storage device is compared with the medium iden- 
tifier of the inserted medium to determine whether the 
two medium identifiers match. When the medium iden- 
tifiers do not match, the process advances to step 
S1207 and when the two medium identifiers match, the 

55 process advances to step S 1208. 

[0109] Since steps S1207 to S 1211 in Fig. 19 corre- 
spond to steps S207 to S21 1 in Fig. 8, no explanation 
for them will be given. 



9 



17 



EP0 930 616B1 



18 



[0110] Fig. 20 is a flowchart showing the security 
process performed according to a tenth embodiment of 
the present invention. In this embodiment, the write ad- 
dress information is set in the parameter header. Since 
steps S1301 to S1305 in Fig. 20 correspond to steps 
S301 to S305 in Fig. 9, no explanation for them will be 
given. 

[0111] If, at step S1305, the security information has 
been set, at step S1 306, the medium identifier read from 
the storage device is compared with the medium iden- 
tifier of the inserted medium to determine whether the 
two medium identifiers match. When the medium iden- 
tifiers do not match, the process advances to stop 
S1307 and when the two medium identifiers match, the 
process advances to step S1308. 
[0112] Since steps S1307 to S1311 in Fig. 20 corre- 
spond to steps S307 to S311 in Fig. 9, no explanation 
for them will be given. 

[0113] Fig. 21 is a flowchart showing the security 
process performed according to an eleventh embodi- 
ment of the present invention. In this embodiment, both 
the read address information and the write address in- 
formation are set in the parameter header. Since steps 
S1401 to S1405 in Fig. 21 correspond to steps S401 to 
S405 in Fig.10, no explanation for them will be given. 
[0114] If, at step S1405, the security information has 
been set, at step S1 406, the medium identifier read from 
the storage device is compared with the medium iden- 
tifier of the inserted medium to determine whether the 
two medium identifiers match. When the medium iden- 
tifiers do not match, the process advances to step 
S1 407, and when the two medium identifiers match, the 
process advances to step S1408. 
[0115] Since steps S1407 to S1415 in Fig. 21 corre- 
spond to steps S407 to S41 5 in Fig.1 0, no explanation 
for them will be given. 

[0116] Fig. 22 is a flowchart for the security process 
performed according to twelfth embodiment of the 
present invention. In this embodiment, as well as in the 
fifth embodiment, the security LBA is set when read ad- 
dress information is set. Since steps S1501 to S1505 in 
Fig. 22 correspond to steps S1501 to S1505 in Fig. 12, 
no explanation for them will be given. 
[0117] If, at step S1505, the security information has 
been set, at step S1 506, the medium identifier read from 
the storage device is compared with the medium iden- 
tifier of the inserted medium to determine whether the 
two medium identifiers match. When the medium iden- 
tifiers do not match, the process advances to step 
S1507 and when the two medium identifiers match, the 
process advances to step S 1 5 1 2 . 
[0118] Since steps S1507 to S1516 in Fig. 22 corre- 
spond to steps S507 to S516 in Fig.11, no explanation 
for them will be given. 

[0119] Fig. 23 is a flowchart for the security process 
performed according to a thirteenth embodiment of the 
present invention. In this embodiment, as well as in the 
sixth embodiment, the security LBA is set when the write 



address information is set. Since steps S1 601 to S1 605 
in Fig. 23 correspond to steps S601 to S605 in Fig. 12, 
no explanation for them will be given. 
[0120] If, at step S1605, the security information has 

s been set, at step S1 606, the medium identifier read from 
the storage device is compared with the medium iden- 
tifier of the inserted medium to determine whether the 
two medium identifiers match. When the medium iden- 
tifiers do not match, the process advances to step 

w S1 607, and when the two medium identifiers match , the 
process advances to step S1612. 
[0121] Since steps S1607 to S 161 6 in Fig. 23 corre- 
spond to steps S607 to S616 in Fig. 12, no explanation 
for them will be given. 

*5 [0122] Fig. 24 is a flowchart for the security process 
performed according to a fourteenth embodiment of the 
present invention. In this embodiment, as well as in the 
seventh embodiment, the security LBA is set when the 
read address information and the write address infor- 

20 mation are set. Since steps S1701 to S1705 in Fig. 24 
correspond to steps S701 to S705 in Fig. 13, no expla- 
nation for them will be given. 

[0123] If, at step S1 705, the security information has 
been set, at step S1 706, the medium identifier read from 

25 the storage device is compared with the medium iden- 
tifier of the inserted medium in order to determine wheth- 
er the two medium identifiers match. When the medium 
identifiers do not match, the process advances to step 
S707 and when the two medium identifiers match, the 

30 process advances to step S71 2. 

[0124] Since steps S1707 to S1720 in Fig. 24 corre- 
spond to seeps S707 to S720 in Fig. 13, no explanation 
for them will be given. 

[0125] Fig. 25 is a flowchart for the security release 

35 process performed to release the security setup state in 
the another preferred embodiments. 
[0126] Since steps S1801 to S1803 in Fig. 25 corre- 
spond to steps S801 to S803 in Fig. 14, no explanation 
for them will be given. 

40 [0127] When security information has been recorded 
in the security area at step S1803, the process advanc- 
es to step S1 804, whereat the medium identifier record- 
ed in the storage device is compared with the medium 
identifier of the inserted medium. When the two medium 

45 identifiers match, a predetermined initial value is record- 
ed in the security area to return the area to the initial 
state (to initialize the area) (step S1805). 
[0128] When the medium identifiers do not match, or 
when no security information is recorded in the security 

so area, the security release process is not performed. 
[0129] In the above described another embodiments 
of the present invention, the security information (a me- 
dium identifier, an address information, a password, 
etc.) to be recorded in the security area may be encoded 

55 to enhance the secrecy. In this case, information for en- 
coding are added to the security setup command, and 
the security information that is encoded in accordance 
with the information for encoding are recorded in the se- 
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curity area. CI 
[0130] Fig. 26 is a flowchart for the medium loading 
process performed when security information is encod- 1 . 

ed. In Fig. 26, Since steps S1901 to S1806 in Fig. 26 
correspond to steps S901 to S906 in Fig. 15, no expla- 5 
nation for them will be given. 

[0131] At step S1 907, the medium identifier recorded 
in the storage device is compared with the medium iden- 
tifier of the inserted medium to determine whether the 
two medium identifiers match. When the medium iden- 10 
tifiers match, security is released and the process ad- 
vances to step S1 909, whereat the reading and the writ- 
ing of data to the medium are enabled. 
[01 32] If, at step S 1 907, the medium identifiers do not 
match, security is not released, and the reading data 1$ 
from and writing of data to the medium are inhibited 
(stepS 1908). 

[0133] Fig. 27 is a flowchart for the medium loading 
process performed when the security information in- 
cludes a password in Fig. 26. In Fig. 27, step S1910 is 20 
added to the flowchart in Fig. 26. Specifically, when the 
security information is decoded at step S1906, a pass- 
word which is input is compared with a password includ- 
ed in the security information. When the two passwords 
do not match, the security is not released, and the read- 25 
ing and the writing of data to the medium are inhibited 2. 
(step S1 908). When the passwords match, the process 
advances to step S1907, whereat comparison of the 
medium identifiers is performed as described above. 
[0134] As is described above, according to the 30 3. 
present invention, a security area is provided for a me- 
dium information management area on a medium, such 
as a magneto-optical disk, and a device identifier inher- 
ent to a storage device is recorded in the security area. 
When such a medium is inserted into a storage device, 35 
the device identifier recorded in the medium is com- 
pared with the device identifier of the storage device, 
and when the device identifiers do not match, accessing 
the data on the medium is inhibited. As a result, the data 4. 
secrecy is ensured. 40 
[0135] Further a medium identifier inherent to a me- 
dium is recorded in the storage device. When such a 
medium is inserted into a storage device, the medium 
identifier recorded in the storage device is compared 
with the medium identifier of the inserted medium, and 45 
when the medium identifiers do not match, accessing 
the data on the medium is inhibited. As a result, the data 5. 
secrecy is ensured. 

[01 36] The present invention may be embodied in oth- 
er specific forms without departing from the spirit or es- so 
sential characteristics thereof. The present embodiment 
is therefore to be considered in all respects as illustrative 
and not restrictive, the scope of the invention being in- 
dicated by the appended claims rather than by foregoing 
description and all change which come within the mean- 55 . 
ing and range of equivalency of the claims are therefore 
intended to be embraced therein. 



A data storage unit (1) for interfacing a computer 
(2), the data storage unit (1) accessing to read data 
from and/or to write data to a memory medium, said 
data storage unit (1) using firmware and compris- 
ing: 

an identifier storage unit for storing a unique 

identifier of said data storage unit (1), 

a security controller for reading said unique 

identifier and for writing said unique identifier in 

a security area on said memory medium as a 

second identifier when setting said memory 

medium in a security state; 

an identifier acquisition unit for acquiring said 

second identifier from said security area on said 

memory medium; and 

a controller for comparing said unique identifier 
with said second identifier and prohibiting from 
access to said memory medium if said unique 
identifyerand said second identifier do not cor- 
respond when said memory medium is in the 
security state. 

The data storage unit according to claim 1 , wherein 
said unique identifier is a serial number of a data 
storage unit. 

The data storage unit according to claim 1 , wherein 
read address information to be used to control data 
reading can be set in said memory medium, and 
said controller prohibits from reading of data if said 
read address information is set, even if access to 
said memory medium is permitted based on corre- 
sponding said unique identifier and said second 
identifier. 

The data storage unit according to claim 1 , wherein 
write address information to be used to control data 
writing can be set in said memory medium, and said 
controller prohibits from writing of data if said write 
address information is set, even if access to said 
memory medium is permitted based on correspond- 
ing said unique identifier and said second identifier. 

The data storage unit according to claim 1 , wherein 
first address information designating a predeter- 
mined area on said memory medium is recorded in 
said memory medium, and when receiving a re- 
quest to read and/or write data to said memory me- 
dium from said computer device with second ad- 
dress information designating a predetermined ar- 
ea on said memory medium, 

said controller prohibits from reading and/or 
writing of data if said second address information is 
not included in said first address information, even 
if access to said memory medium is permitted 
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based on corresponding said unique identifier and 
said second identifier. 

6. The data storage unit according to claim 1 , wherein 
said memory medium is one of writable memory 
media as a magnetic disk, a floppy disk, an optical 
disk, a magneto-optical disk and a phase change 
optical disk. 

7. A method for controlling a data storage unit as de- 
fined in claim 1 , comprising the steps of: 

acquiring said unique identifier stored in said 
identifier storage unit; 

making a security control for reading said 
unique identifier and for writing said unique 
identifier in a security area on said memory me- 
dium as a second identifier when setting said 
memory medium in a security state; 
acquiring a second identifier from said security 
area on said memory medium; and 
making a control for comparing said unique 
identifier with said second identifier and prohib- 
iting from access to said memory medium if 
said unique identifyer and said second identifi- 
er do not correspond when said memory medi- 
um is in the security state. 

8. The control method according to claim 7, wherein 
read address information to be used to control data 
reading can be set in said memory medium, and 
said controller prohibits from reading of data if said 
read address information is set, even if access to 
said memory medium is permitted based on corre- 
spondence of said unique identifier and said second 
identifier. 

9. The control method according to claim 7, wherein 
write address information to be used to control data 
writing can be set in said memory medium, and said 
controller prohibits from writing of data if said write 
address information is set, even rf access to said 
memory medium is permitted based on correspond- 
ing said unique identifier and said second identifier. 

10. The control method according to claim 9, further 
comprising the step of encoding the second identi- 
fier to be written in said security area on said mem- 
ory medium. 

11. The control method according to claim 7, wherein 
the security state can be cancelled by initializing 
said security area. 

12. The control method according to claim 7, wherein 
said security area on said memory medium is a me- 
dium information management area, established 
apart from a data area on said memory medium. 



13. The control method according to claim 7, wherein 
said memory medium is one of writable memory 
media as a magnetic disk, a floppy disk, an optical 
disk, a magneto-optical disk and a phase change 
5 optical disk. 



Paten tan sp ruche 

10 1. Datenspeichereinheit (1) zum AnschlieBen an ei- 
nen Computer (2), welche Datenspeichereinheit (1) 
zugreift, um Daten von einem Speichermedium zu 
lesen und/oder darauf zu schreiben, wobei die Da- 
tenspeichereinheit (1) Firmware verwendet und 

is umfaBt: 

eine Identifikatorspeichereinheit zum Spei- 
chem eines einzigartigen Identifikators der Da- 
tenspeichereinheit (1); 

20 einen Sicherheitscontroller zum Lesen des ein- 

zigartigen Identifikators und zum Schreiben 
des einzigartigen Identifikators in einen Sicher- 
heitsbereich auf dem Speichermedium als 
zweiten Identifikator, wenn das Speichermedi- 

25 um in einen Sicherheitszustand versetzt wind; 

eine Identifikatorerfassungseinheit zum Erfas- 
sen des zweiten Identifikators von dem Sicher- 
heitsbereich auf dem Speichermedium; und 
einen Controller zum Vergleichen des einzigar- 

30 tigen Identifikators mit dem zweiten Identifika- 

tor und Verhindern des Zugriffs auf das Spei- 
chermedium, falls der einzigartige Identifikator 
und der zweite Identifikator einander nicht ent- 
sprechen, wenn das Speichermedium in dem 

35 Sicherheitszustand ist. 

2. Datenspeichereinheit nach Anspruch 1 , bei der der 
einzigartige Identifikator eine laufende Nummer ei- 
ner Datenspeichereinheit ist. 

40 

3. Datenspeichereinheit nach Anspruch 1 , bei der Le- 
seadreBinformationen, die zu verwenden sind, um 
das Datenlesen zu steuem, in dem Speichermedi- 
um festgelegt sein konnen und der Controller das 

45 Lesen von Daten verhindert, falls die LeseadreBin- 
formationen festgelegt sind, auch wenn derZugriff 
auf das Speichermedium auf der Basis des einzig- 
artigen Identifikators und des zweiten Identifikators, 
die einander entsprechen, zutassig ist. 

50 

4. Datenspeichereinheit nach Anspruch 1, bei der 
SchreibadreBinformationen, die zu verwenden 
sind, um das Datenschreiben zu steuem, in dem 
Speichermedium festgelegt sein konnen und der 

55 Controller das Schreiben von Daten verhindert, falls 
die SchreibadreBinformationen festgelegt sind, 
auch wenn der Zugriff auf das Speichermedium auf 
der Basis des einzigartigen Identifikators und des 
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zweiten Identifikators, die einander entsprechen, 
zulassig ist. 

5. Datenspeichereinheit nach Anspruch 1, bei der er- 
ste AdreBinformationen, die einen vorbestimmten 
Bereich auf dem Speichermedium bezeichnen, in 
dem Speichermedium aufgezeichnet sind und, 
wenn eine Aufforderung zum Lesen und/oder 
Schreiben von Daten fur das Speichermedium von 
der Computervorrichtung mit zweiten AdreBinfor- 
mationen empfangen wird, die einen vorbestimm- 
ten Bereich auf dem Speichermedium bezeichnen, 

der Controller das Lesen und/oder Schreiben 
von Daten verhindert, falls die zweiten AdreBinfor- 
mationen in den ersten AdreBinformationen nicht 
enthalten sind, auch wenn der Zugriff auf das Spei- 
chermedium auf der Basis des einzigartigen Identi- 
fikators und des zweiten Identifikators, die einander 
entsprechen, zulassig ist. 

6. Datenspeichereinheit nach Anspruch 1 , bei der das 
Speichermedium eines von beschreibbaren Spei- 
chermedien ist, wie beispielsweise eine Magnet- 
platte, eine Diskette, eine optische Platte, eine ma- 
gneto-optische Platte und eine optische Phasenan- 
derungs platte. 

7. Verfahren zum Steuem einer Datenspeicherein- 
heit, wie sie in Anspruch 1 definiert ist, mit den 
Schritten: 

Erfassen des einzigartigen Identifikators, der in 
der Identifikatorspeichereinheit gespeichert ist; 
Vornehmen einer Sicherheitssteuerung zum 
Lesen des einzigartigen Identifikators und zum 
Schreiben des einzigartigen. Identifikators in ei- 
nen Sicherheitsbereich auf dem Speichermedi- 
um als zweiten Identifikator, wenn das Spei- 
chermedium in einen Sichemeitszustand ver- 
setzt wird; 

Erfassen eines zweiten Identifikators von dem 
Sicherheitsbereich auf dem Speichermedium; 
und 

Vornehmen einer Steuerung zum Vergleichen 
des einzigartigen Identifikators mit dem zwei- 
ten Identifikator und Verhindern des Zugriffsauf 
das Speichermedium, falls der einzigartige 
Identifikator und derzweite Identifikator einan- 
der nicht entsprechen, wenn das Speicherme- 
dium in dem Sicherheitszustand ist. 

8. Steuerverfahren nach Anspruch 7, bei dem Le- 
seadreBinformationen, die zu verwenden sind, urn 
das Datenlesen zu steuern, in dem Speichermedi- 
um festgelegt sein konnen und der Controller das 
Lesen von Daten verhindert, falls die LeseadreBin- 
formationen festgelegt sind, auch wenn der Zugriff 
auf das Speichermedium auf der Basis der Entspre- 



chung des einzigartigen Identifikators und des 
zweiten Identifikators zulassig ist. 

9. Steuerverfahren nach Anspruch 7, bei dem Schrei- 
5 badreBinformationen, die zu verwenden sind, um 

das Datenschreiben zu steuem, in dem Speicher- 
medium festgelegt sein konnen und der Controller 
das Schreiben von Daten verhindert, falls die 
SchreibadreBinformationen festgelegt sind, auch 
10 wenn der Zugriff auf das Speichermedium auf der 
Basis des einzigartigen Identifikators und des zwei- 
ten Identifikators, die einander entsprechen, zulas- 
sig ist. 

15 10. Steuerverfahren nach Anspruch 9, ferner mit dem 
Schrittzum Codieren des zweiten Identifikators, der 
in den Sicherheitsbereich auf dem Speichermedi- 
um zu schreiben ist. 

20 11. Steuerverfahren nach Anspruch 7, bei dem der Si- 
cherheitszustand unterdriickt werden kann, indem 
der Sicherheitsbereich initialisiert wird. 

12. Steuerverfahren nach Anspruch 7, bei dem der Si- 
25 cherheitsbereich auf dem Speichermedium ein Me- 
dieninformationsverwaltungsbereich ist, der ge- 
trennt von einem Datenbereich auf dem Speicher- 
medium eingerichtet wird. 

so 13. Steuerverfahren nach Anspruch 7, bei dem das 
Speichermedium eines von beschreibbaren Spei- 
chermedien ist, wie beispielsweise eine Magnet- 
platte, eine Diskette, eine optische Platte, eine ma- 
gneto-opt ische Platte und eine optische Phasenan- 

35 derungsplatte. 



Revendications 

40 1 . Unite de memorisation de donnees (1 ) pour interfa- 
cer un ordinateur (2), I'unite de memorisation de 
donnees (1) accedant pour lire des donnees et/ou 
ecrire des donnees a un support de memorisation, 
ladite unite de memorisation de donnees (1) utili- 

45 sant un micrologiciel et comprenant : 

une unite de memorisation d'identificateur pour 
memoriser un identificateur unique de ladite 
unite de memorisation de donnees (1), 
50 un controleur securise pour lire ledit identifica- 

teur unique et pour ecrire ledit identificateur 
unique dans une zone securisee sur ledit sup- 
port de memorisation en tant que deuxieme 
identificateur lorsque ledit support de memori- 
es sation est mis dans un etat securise ; 

u ne unite d'acquisition d'identificateur pour ac- 
querir ledit deuxieme identificateur a partir de 
ladite zone securisee sur ledit support de 
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memorisation ; et 

un controleur pour comparer ledit identificateur 
unique avec ledit deuxieme identificateur et 
pourinterdire un acces audit support de memo- 
risation si ledit identificateur unique et ledit 
deuxieme identificateur ne correspondent pas 
lorsque ledit support de memorisation est dans 
I'etat securise. 

2. Unite de memorisation de donnees selon la reven- 
dication 1 , dans laquelle ledit identificateur unique 
est un numero de serie d'une unite de memorisation 
de donnees. 

3. Unite de memorisation de donnees selon la reven- 
dication 1 , dans laquelle des informations d'adresse 
de lecture devant etre utilisees pour controler la lec- 
ture de donnees peuvent etre positionnees dans le- 
dit support de memorisation, et ledit controleur in- 
terdit une lecture de donnees si iesdites informa- 
tions d'adresse de lecture sont positionnees, meme 
si un acces audit support de memorisation est auto- 
rise sur la base d'une correspondance entre ledit 
identificateur unique et ledit deuxieme identifica- 
teur. 

4. Unite de memorisation de donnees selon la reven- 
dication 1 , dans laquelle des informations d'adresse 
d'ecriture devant etre utilisees pour controler I'ecri- 
ture de donnees peuvent etre positionnees dans le- 
dit support de memorisation, et ledit controleur in- 
terdit une ecriture de donnees si Iesdites informa- 
tions d'adresse d'ecriture sont positionnees, meme 
si un acces audit support de memorisation est auto- 
rise sur la base d'une correspondance entre ledit 
identificateur unique et ledit deuxieme identifica- 
teur. 

5. Unite de memorisation de donnees selon la reven- 
dication 1, dans laquelle des premieres informa- 
tions d'adresse d6signant une zone predetermined 
sur ledit support de memorisation sont enregistrees 
dans ledit support de memorisation, et lors de la re- 
ception d'une demande de lecture et/ou d'ecriture 
de donnees sur ledit support de memorisation pro- 
venant dudit dispositif informatique avec des 
deuxiemes informations d'adresse designant une 
zone predeterminee sur ledit support de memorisa- 
tion, 

ledit controleur interdit une lecture et/ou une 
ecriture de donnees si Iesdites deuxiemes informa- 
tions d'adresse ne sont pas comprises dans Iesdi- 
tes premieres informations d'adresse, meme si un 
acces audit support de memorisation est autorise 
sur la base d'une correspondance entre ledit iden- 
tificateur unique et ledit deuxieme identificateur. 

6. Unite de memorisation de donnees selon la reven- 



dication 1 , dans laquelle ledit support de memori- 
sation est Tun de supports de memorisation inscrip- 
tibles tels qu'un disque magnetique, une disquette, 
un disque optique, un disque magneto-optique et 
5 un disque optique a changement de phase. 

7. Procede de controle d'une unite de memorisation 
de donnees selon la revendication 1, comprenant 
les etapes consistant a : 

acquerir ledit identificateur unique memorise 
dans ladite unite de memorisation 
d'identificateur ; 

effectuer un controle securise pour lire ledit 
15 identificateur unique et pour ecrire ledit identi- 

ficateur unique dans une zone securisee sur le- 
dit support de memorisation en tant que deuxie- 
me identificateur lorsque ledit support de me- 
morisation est mis dans un etat securise ; 
20 acquerir un deuxieme identificateur a partir de 

ladite zone securisee sur ledit support de 
memorisation ; et 

effectuer un controle pour comparer ledit iden- 
tificateur unique avec ledit deuxieme identif ica- 
25 teur et pour interdire un acces audit support de 

memorisation si ledit identificateur unique et le- 
dit deuxieme identificateur ne correspondent 
pas lorsque ledit support de memorisation est 
dans I'etat securise\ 

30 

8. Procede de controle selon la revendication 7, dans 
lequel des informations d'adresse de lecture devant 
etre utilisees pour controler une lecture de donnees 
peuvent etre positionnees dans ledit support de me- 
ss morisation, et ledit controleur interdit une lecture de 

donnees si Iesdites informations d'adresse de lec- 
ture sont positionnees, meme si un acces audit sup- 
port de memorisation est autorise sur la base d'une 
correspondance entre ledit identificateur unique et 
40 ledit deuxieme identificateur. 

9. Procede de controle selon la revendication 7, dans 
lequel des informations d'adresse d'ecriture devant 
etre utilisees pour controler une ecriture de don- 

45 nees peuvent etre positionnees dans ledit support 
de memorisation, et ledit contrdleur interdit une 
ecriture de donnees si Iesdites informations 
d'adresse d'ecriture sont positionnees, meme si un 
acces audit support de memorisation est autorise 
so sur la base d'une correspondance entre ledit iden- 
tificateur unique et ledit deuxieme identificateur. 

1 0. Procede de controle selon la revendication 9, com- 
prenant en outre I'etape consistant a coder le 

55 deuxieme identificateur devant etre ecrit dans ladite 
zone securisee sur ledit support de memorisation. 

1 1 . Procede de controle selon la revendication 7, dans 
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lequel I'etat securise peut etre annule en initialisant 
ladite zone securisee. 

12. Procede de controle selon la revendication 7, dans 
lequel ladite zone securisee surledit support de me- 5 
morisation est une zone de gestion d'informations 

de support etablle a part d'une zone de donnees sur 
ledit support de memorisation. 

13. Procede de controle selon la revendication 7, dans 10 
lequel ledit support de memorisation est Tun de sup- 
ports de memorisation inscriptibles tels qu'un dis- 
que magnetique, une disquette, un disque optique, 

un disque magneto-optique et un disque optique a 
changement de phase. is 
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FIG. 4 
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FIG. 16 
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